[Linux-cluster] LDAP as a service
Kaloyan Kovachev
kkovachev at varna.net
Fri Jan 25 09:47:49 UTC 2013
Hi,
there should be openldap resource in your cluster, but if not you can
always use a script resource or write your own.
On Thu, 24 Jan 2013 14:49:45 -0800, Rick Stevens <ricks at alldigital.com>
wrote:
> On 01/24/2013 01:57 PM, Dryden, Tom issued this missive:
>>
>> Good Afternoon,
>>
>> There are a couple of reasons to implement LDAP on a cluster.
>> 1. I have a cluster with GFS partitions available.
>
> Good.
>
>> 2. Want to avoid the cost putting up 2 more machines for master -
>> master LDAP operation.
>
> Master-master LDAP replication is not hard to do and you're still going
> to have two machines running LDAP. Perhaps not simultaneously, but you
> will still have two machines.
>
>> 3. Want to avoid the timeout the client experiences when the primary is
>> unavailable.
>
> This is what the TIMEOUT and SIZELIMIT and NETWORK_TIMEOUT variables in
> the various incarnations of the ldap.conf file are for. The defaults do
> make things sluggish if a primary goes down, but you can tweak that.
>
>> My thought is to have the LADP data stored on a GFS partition while the
>> LDAP server process and IP address are managed as a service. In this
>> configuration the process can move between nodes with no impact to the
>> clients.
>
> Personally, I think you're over complicating things and unless you have
> a ridiculously big LDAP database that you don't want to replicate, I
> don't think you're really buying anything here. We run several master-
> master LDAP clusters here--even with one replicating across the country
> (California <--> Florida). Works fine.
>
> That being said, as with most FOSS stuff, there's more than one way to
> skin a mule. Do as you wish.
> ----------------------------------------------------------------------
> - Rick Stevens, Systems Engineer, AllDigital ricks at alldigital.com -
> - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
> - -
> - All generalizations are false. -
> ----------------------------------------------------------------------
More information about the Linux-cluster
mailing list